search

cmu-sei / pharos

Automated static analysis tools for binary programs
Other
1.57k stars 192 forks source link

Segmentation fault (core dumped) #268

Closed sudoLife closed 7 months ago

sudoLife commented 7 months ago

Hi,

First, thank you for all your work!

I am trying out OOAnalyzer on a 5.6M 32-bit DLL using the guide for large executables. I get a segfault on step 2 when trying to use the actual OOAnalyzer.

My computer specs:

Linux Distribution:             Arch Linux
Linux Kernel:                   6.6.26-1-lts
Computer Model:                 TUXEDO TUXEDO Pulse 15 Gen1 Standard
Processor (CPU):                AMD Ryzen 7 4800H with Radeon Graphics
CPU Sockets/Cores/Threads:      1/8/16
Architecture:                   x86_64 (64-bit)
Total memory (RAM):             63720 MiB (63GiB) (66816 MB (67GB))

I tried using 128000, 57000 and 50000 memory parameter with 16, 16, and 4 threads, respectively, with the same result. I don't know if I am missing some calculation here. Maybe it was never meant to be used on DLLs?

If you want me to debug this somehow, give me some pointers and I'll try my best :)

sei-eschwartz commented 7 months ago

We are investigating a concurrency problem in #267. Can you try to run without --threads=X and see if the crash occurs?

sudoLife commented 7 months ago

We are investigating a concurrency problem in #267. Can you try to run without --threads=X and see if the crash occurs?

Yes, I'm on it! Will update.

sudoLife commented 7 months ago

UPD: It's gotten to function analysis which it couldn't do before! Currently at 3%. I set memory to 57000. It has some errors like "analysis of function <address> failed: relative memory exceeded" and things like that but I assume that's just part of the process since it doesn't crash.

I'll let you know if it gets to the end and thanks for such a prompt response!

UPD 2: got to the end of step 2!

sei-eschwartz commented 7 months ago

Great. Sounds like pretty normal warnings.

From: Matvei @.***> Sent: Wednesday, April 24, 2024 1:53 PM To: cmu-sei/pharos Cc: Edward J Schwartz; Assign Subject: Re: [cmu-sei/pharos] Segmentation fault (core dumped) (Issue #268)

Warning: External Sender - do not click links or open attachments unless you recognize the sender and know the content is safe.

UPD: It's gotten to function analysis which it couldn't do before! Currently at 3%. I set memory to 57000. It has some errors like "analysis of function

failed: relative memory exceeded" and things like that but I assume that's just part of the process since it doesn't crash.

I'll let you know if it gets to the end and thanks for such a prompt response!

— Reply to this email directly, view it on GitHubhttps://github.com/cmu-sei/pharos/issues/268#issuecomment-2075516839, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AL6ZAVCX5ERZZWKEK72XYFDY67WR5AVCNFSM6AAAAABGXKBD66VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDANZVGUYTMOBTHE. You are receiving this because you were assigned.Message ID: @.***>

sudoLife commented 7 months ago

Thanks, it finished! I guess we can close this issue, and I'll keep watch over the related bug.

Quick question, where is the readme for putting the results to Ghidra? This link from this README section is broken.

sei-eschwartz commented 7 months ago

That functionality was moved to https://github.com/certcc/kaiju

Thanks for telling us about the broken link, we'll get that fixed.